Bug 141103 - "sshd" run proper
"sshd" run proper
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openssh (Show other bugs)
4.0
ia64 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-11-29 04:24 EST by L3support
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-01-14 04:21:19 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description L3support 2004-11-29 04:24:14 EST
Description of problem:

We can login with RSA1 key,
when permition of "authorized_keys" is "644".
But we can't login with RSA1 key,
when permission of "authorized_keys" is "664".

"ssh" run properly ?

If "ssh" run properly,
why doesn't "ssh" allow to login,
when permission of "authorized_keys" is "664" ?

We think it's feature.
We'd like to know that why "ssh" doesn't allow to login as the feature.

Moreover, why is the file(with permission "664") created, 
when name(ID) of user and name(ID) of group are not equal
and ID of user is greater than 99 ?

We know that it's feature by "/etc/basrc".
We'd like to know that why "/etc/basrc" makes a distinction.

Version-Release number of selected component (if applicable):
openssh-3.9p1-3

How reproducible:
always

Steps to Reproduce:
1.# ssh-keygen -N (passphrase) -t rsa1
2.# cd .ssh
3.# cat identity.pub >> authorized_keys
4.# chmod 664 authorized_keys
5.Send RSA1 key(identity) to client.
6.Login with RSA1 key(identity).

Actual results:

we can't login with RSA1 key,
when permission of "authorized_keys" is "664".

Expected results:

 - If "ssh" run properly,
   We'd like to know that 
   why "ssh" doesn't allow to login as the feature.
   
 - We'd like to know that 
   why "/etc/basrc" makes a distinction.
   
   
Additional info:
Comment 1 L3support 2004-12-13 02:42:23 EST
Could you tell me status of problem ?
Comment 2 L3support 2004-12-27 03:50:04 EST
We would like to know the status of problem.
Comment 5 L3support 2005-01-14 00:48:32 EST
We would like to know that
following behavior is ssh's bug or feature.
---------------------------------------------
File Name         Permition     Login(with RSA1 key)
authorized_keys   644           OK
                  664           NG
---------------------------------------------
Comment 6 Jay Turner 2005-01-14 04:21:19 EST
Yes, in order for RSA authentication to work, the perms on authorized_keys must
be  644 (actually the key is that the file isn't group-writeable.)  I can't find
a defacto reference for you with a quick search, but if you run 'sshd -ddd'
you'll see a message stating permission denied.

Note You need to log in before you can comment on or make changes to this bug.